syzbot

============================================
WARNING: possible recursive locking detected
syzkaller #0 Not tainted
--------------------------------------------
syz.0.17/4465 is trying to acquire lock:
ffff888079bfe0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0 fs/hfs/bfind.c:-1

but task is already holding lock:
ffff888079bfe0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0 fs/hfs/bfind.c:-1

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&tree->tree_lock/1);
  lock(&tree->tree_lock/1);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

5 locks held by syz.0.17/4465:
 #0: ffff88807655c460 (sb_writers#13){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 fs/namespace.c:386
 #1: ffff88801b5b1628 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
 #1: ffff88801b5b1628 (&sb->s_type->i_mutex_key#21){+.+.}-{3:3}, at: do_truncate+0x198/0x240 fs/open.c:63
 #2: ffff88801b5b1478 (&HFS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x13f0 fs/hfs/extent.c:397
 #3: ffff888079bfe0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0 fs/hfs/bfind.c:-1
 #4: ffff88801b5b00f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x13f0 fs/hfs/extent.c:397

stack backtrace:
CPU: 1 PID: 4465 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x250 lib/dump_stack.c:106
 __lock_acquire+0x1236/0x7d10 kernel/locking/lockdep.c:-1
 lock_acquire+0x19e/0x400 kernel/locking/lockdep.c:5623
 __mutex_lock_common+0x1e3/0x2400 kernel/locking/mutex.c:596
 __mutex_lock kernel/locking/mutex.c:729 [inline]
 mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
 hfs_find_init+0x15b/0x1d0 fs/hfs/bfind.c:-1
 hfs_ext_read_extent fs/hfs/extent.c:200 [inline]
 hfs_extend_file+0x35d/0x13f0 fs/hfs/extent.c:401
 hfs_bmap_reserve+0x103/0x420 fs/hfs/btree.c:231
 __hfs_ext_write_extent+0x1fa/0x470 fs/hfs/extent.c:121
 __hfs_ext_cache_extent+0x6b/0x9b0 fs/hfs/extent.c:174
 hfs_ext_read_extent fs/hfs/extent.c:202 [inline]
 hfs_extend_file+0x39c/0x13f0 fs/hfs/extent.c:401
 hfs_get_block+0x40f/0xc50 fs/hfs/extent.c:353
 __block_write_begin_int+0x565/0x15d0 fs/buffer.c:2012
 __block_write_begin fs/buffer.c:2062 [inline]
 block_write_begin fs/buffer.c:2122 [inline]
 cont_write_begin+0x598/0x7b0 fs/buffer.c:2471
 hfs_write_begin+0x92/0xe0 fs/hfs/inode.c:59
 cont_expand_zero fs/buffer.c:2398 [inline]
 cont_write_begin+0x263/0x7b0 fs/buffer.c:2461
 hfs_write_begin+0x92/0xe0 fs/hfs/inode.c:59
 hfs_file_truncate+0x1c2/0xa10 fs/hfs/extent.c:494
 hfs_inode_setattr+0x4ab/0x6f0 fs/hfs/inode.c:657
 notify_change+0xbcd/0xee0 fs/attr.c:505
 do_truncate+0x1ac/0x240 fs/open.c:65
 vfs_truncate+0x262/0x2f0 fs/open.c:111
 do_sys_truncate+0xf2/0x1c0 fs/open.c:134
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7fd051f0f799
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffede059158 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
RAX: ffffffffffffffda RBX: 00007fd052188fa0 RCX: 00007fd051f0f799
RDX: 0000000000000000 RSI: 0000000002fffffd RDI: 0000200000000940
RBP: 00007fd051fa5c99 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fd052188fac R14: 00007fd052188fa0 R15: 00007fd052188fa0
 </TASK>